Hpw to Read Farbar Recovery Scan Tool

Wondering if this thread is airtight; last action over a yr ago. I'grand experiencing enormous problem with what looks like a corrupted iexplore.exe file; ran FRST but don't know where to go from hither. It looks like I need a fixlist.txt file, which plain I take no clue
Any aid would exist highly appreciated
2 reports; one) FRST study, 2) Addition.txt report:
/////////////////////////////////////////////// (1) FRST
Browse result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-01-2015 03
Ran by NorMac (administrator) on LEVIATHON on 04-01-2015 09:03:29
Running from C:\Users\NorMac\Downloads
Loaded Contour: NorMac (Available profiles: NorMac)
Platform: Windows viii Pro (X64) OS Language: English (United States)
Internet Explorer Version ten (Default browser: FF)
Kicking Style: Normal
Tutorial for Farbar Recovery Scan Tool: http://world wide web.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-employ-farbar-recovery-browse-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will exist closed. The file will non be moved.)

(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Intuit) C:\Program Files (x86)\Mutual Files\Intuit\QuickBooks\QBCFMonitorService.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Safer-Networking Ltd.) C:\Plan Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Managing director\WDDMService.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
(Western Digital ) C:\Plan Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(NETGEAR Inc.) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
(Microsoft Corporation) C:\Programme Files\Windows Sidebar\sidebar.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.eight.150\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Safer-Networking Ltd.) C:\Plan Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.three.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Plan Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Awarding\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Programme Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Programme Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\NAPSTAT.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\cmmon32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
(Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
(Microsoft Corporation) C:\Windows\SysWOW64\systray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\NAPSTAT.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
(Google Inc.) C:\Programme Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will exist restored to default or removed. The file volition not be moved.)

HKLM\...\Run: [Logitech Download Banana] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [WD Quick View] => C:\Plan Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5237256 2012-12-twenty] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-twenty] (AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-x-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Plan Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [623880 2008-09-09] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [2756864 2011-04-07] (Leader Technologies Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Programme Files (x86)\Common Files\Coffee\Coffee Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-485173556-832918840-2370493585-1000\...\Run: [HP Officejet Pro 8600 (Cyberspace)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-485173556-832918840-2370493585-chiliad\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2014-12-19] (SUPERAntiSpyware)
HKU\S-1-5-21-485173556-832918840-2370493585-yard\...\Run: [eFax 4.4] => C:\Program Files (x86)\eFax Messenger 4.four\J2GDllCmd.exe [95744 2012-08-29] (j2 Global Communications, Inc.)
HKU\S-one-five-21-485173556-832918840-2370493585-g\...\Run: [cdloader] => C:\Users\NorMac\AppData\Roaming\mjusbsp\cdloader2.exe [51592 2014-07-04] (magicJack L.P.)
HKU\S-1-5-21-485173556-832918840-2370493585-m\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2013-xi-14] (NETGEAR Inc.)
HKU\S-ane-5-21-485173556-832918840-2370493585-k\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy ii\SDCleaner.exe [4566984 2014-04-25] (Safer-Networking Ltd.)
HKU\S-1-5-21-485173556-832918840-2370493585-1000\...\Run: [EssentialPIM] => C:\Plan Files (x86)\EssentialPIM\EssentialPIM.exe [17719664 2014-12-01] (Astonsoft)
HKU\Due south-i-five-21-485173556-832918840-2370493585-thou\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\Due south-one-5-21-485173556-832918840-2370493585-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-v-21-485173556-832918840-2370493585-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the data entry has 243 more characters). <==== Poweliks!
Startup: C:\ProgramData\Microsoft\Windows\Start Carte du jour\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\three.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\First Menu\Programs\Startup\QuickBooks Update Amanuensis.lnk
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Programme Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Bulldoze Manager\WDDMStatus.exe (Western Digital Technologies, Inc.)
Startup: C:\Users\NorMac\AppData\Roaming\Microsoft\Windows\First Carte du jour\Programs\Startup\eFax 4.4.lnk
ShortcutTarget: eFax 4.4.lnk -> C:\Program Files (x86)\eFax Messenger iv.4\J2GTray.exe (j2 Global Communications, Inc.)
Startup: C:\Users\NorMac\AppData\Roaming\Microsoft\Windows\Start Bill of fare\Programs\Startup\HMA Pro VPN two.0.lnk
ShortcutTarget: HMA Pro VPN 2.0.lnk -> C:\Program Files (x86)\HMA! Pro VPN\bin\HMA! Pro VPN.exe (Privax)
Startup: C:\Users\NorMac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\NorMac\AppData\Roaming\Microsoft\Windows\Showtime Menu\Programs\Startup\Sidebar.lnk
ShortcutTarget: Sidebar.lnk -> C:\Programme Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if information technology is a registry item information technology will exist removed or restored to default.)

HKU\S-1-v-21-485173556-832918840-2370493585-yard\SOFTWARE\Policies\Microsoft\Net Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://world wide web.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Chief,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Principal,Start Folio = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-485173556-832918840-2370493585-g\Software\Microsoft\Net Explorer\Chief,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-485173556-832918840-2370493585-yard\Software\Microsoft\Internet Explorer\Main,Starting time Page = http://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Net Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-i-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-twenty -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\Due south-1-5-21-485173556-832918840-2370493585-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://world wide web.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: WinZip Courier BHO -> {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} -> C:\Programme Files (x86)\WinZip Courier\wzwmcie64.dll (WinZip Calculating, South.L.)
BHO-x32: RealPlayer Download and Tape Plugin for Cyberspace Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: WinZip Courier BHO -> {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} -> C:\Program Files (x86)\WinZip Courier\wzwmcie32.dll (WinZip Computing, S.50.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {41525333-0076-A76A-76A7-7A786E7484D7} - No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Handler-x32: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\NorMac\AppData\Roaming\Mozilla\Firefox\Profiles\p4jsu73l.default-1415307498372
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=one.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\Gratis Ride Games\npExentCtl.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.two -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Programme Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @existent.com/nppl3260;version=xvi.0.3.51 -> C:\Programme Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=ane.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.three -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> C:\Programme Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=three -> C:\Program Files (x86)\Google\Update\1.iii.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\one.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.five -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @winzip.com/Winzip Courier -> C:\Program Files (x86)\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: www.exent.com/GameTreatWidget -> C:\Programme Files (x86)\Free Ride Games\NPGameTreatPlugin.dll No File
FF Plugin HKU\S-1-5-21-485173556-832918840-2370493585-1000: @citrixonline.com/appdetectorplugin -> C:\Users\NorMac\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\Southward-1-5-21-485173556-832918840-2370493585-k: @unity3d.com/UnityPlayer,version=one.0 -> C:\Users\NorMac\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-05-01]
FF HKLM-x32\...\Firefox\Extensions: [{74c841e3-b59f-479e-8d7a-e26a942a87c8}] - C:\Program Files (x86)\WinZip Courier\FFExt
FF Extension: WinZip Courier - C:\Program Files (x86)\WinZip Courier\FFExt [2014-04-05]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-x]
FF HKU\Southward-1-5-21-485173556-832918840-2370493585-chiliad\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Browse Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR Contour: C:\Users\NorMac\AppData\Local\Google\Chrome\User Information\Default
CHR Extension: (Google Slides) - C:\Users\NorMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-16]
CHR Extension: (Google Docs) - C:\Users\NorMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-eleven-16]
CHR Extension: (Google Drive) - C:\Users\NorMac\AppData\Local\Google\Chrome\User Information\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\NorMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-10]
CHR Extension: (YouTube) - C:\Users\NorMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-sixteen]
CHR Extension: (Google Search) - C:\Users\NorMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-xvi]
CHR Extension: (Google Sheets) - C:\Users\NorMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-16]
CHR Extension: (Avast Online Security) - C:\Users\NorMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-08]
CHR Extension: (WinZip Courier) - C:\Users\NorMac\AppData\Local\Google\Chrome\User Information\Default\Extensions\ilckobikkmajlmhhdenkhonjkoaneclk [2014-05-28]
CHR Extension: (Google Wallet) - C:\Users\NorMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-28]
CHR Extension: (Gmail) - C:\Users\NorMac\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-eleven-xvi]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-twenty]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [ilckobikkmajlmhhdenkhonjkoaneclk] - C:\Program Files (x86)\WinZip Courier\wzwmcgc.crx [2013-02-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service volition be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-16] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-20] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-20] (Avast Software)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-xviii] (Hewlett-Packard Co.) [File not signed]
S2 HPSupportSolutionsFrameworkService; C:\Programme Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-fifteen] (Hewlett-Packard Company)
S3 McComponentHostService; C:\Program Files\McAfee Security Browse\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S2 Internet Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File non signed]
R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2013-11-fourteen] (NETGEAR)
S3 OpenVPNService; C:\Programme Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe [34528 2013-04-24] (The OpenVPN Project)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [24576 2008-09-10] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2008-08-08] (Intuit Inc.) [File non signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-fourteen] ()
R2 SDScannerService; C:\Plan Files (x86)\Spybot - Search & Destroy two\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc)
S2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1155088 2012-12-twenty] (Western Digital )
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [288768 2011-03-09] (WDC) [File not signed]
R2 WDDriveService; C:\Plan Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248840 2012-12-20] (Western Digital)
R2 WDFME; C:\Program Files (x86)\Western Digital\WD SmartWare\Front end Parlor\WDFME\WDFME.exe [1066896 2011-03-09] ()
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1178128 2012-12-20] (Western Digital )
R2 WDSC; C:\Programme Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [491920 2011-03-09] ()
S3 WinDefend; C:\Plan Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will exist removed from the registry. The file will non be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-20] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-20] ()
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win seven DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 ICDUSB3; C:\Windows\System32\Drivers\ICDUSB3.sys [13312 2008-08-18] (Sony Corporation)
R3 NPF; C:\Windows\System32\drivers\NPF.sys [35344 2014-02-eleven] (CACE Technologies, Inc.)
R1 SASDIFSV; C:\Programme Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-20] (Avast Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 X5XSEx_Pr143; \??\C:\Plan Files (x86)\Costless Ride Games\X5XSEx_Pr143.Sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an detail is included in the fixlist, information technology volition exist removed from the registry. Whatsoever associated file could be listed separately to be moved.)

==================== Ane Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-04 09:06 - 2015-01-04 09:06 - 01707939 _____ (Thisisu) C:\Users\NorMac\Downloads\JRT (2).exe
2015-01-04 09:03 - 2015-01-04 09:05 - 00025082 _____ () C:\Users\NorMac\Downloads\FRST.txt
2015-01-04 09:01 - 2015-01-04 09:01 - 02173952 _____ () C:\Users\NorMac\Downloads\AdwCleaner (one).exe
2015-01-04 09:00 - 2015-01-04 09:03 - 00000000 ____D () C:\FRST
2015-01-04 08:51 - 2015-01-04 08:52 - 02123776 _____ (Farbar) C:\Users\NorMac\Downloads\FRST64.exe
2015-01-03 23:10 - 2015-01-03 23:10 - 00002790 _____ () C:\Users\NorMac\Desktop\cc_20150103_230953.reg
2015-01-03 22:33 - 2015-01-03 22:33 - 00003234 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-one-5-21-485173556-832918840-2370493585-thou
2015-01-03 22:32 - 2015-01-03 22:32 - 00003366 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-one-5-21-485173556-832918840-2370493585-grand
2015-01-02 xix:06 - 2015-01-02 19:06 - 00000000 ____D () C:\ProgramData\Sophos
2015-01-02 19:04 - 2015-01-02 nineteen:04 - 00002759 _____ () C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2015-01-02 19:04 - 2015-01-02 xix:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Beginning Bill of fare\Programs\Sophos
2015-01-02 19:04 - 2015-01-02 19:04 - 00000000 ____D () C:\Program Files (x86)\Sophos
2015-01-02 18:59 - 2015-01-02 18:47 - 107479960 _____ (Sophos Limited) C:\Users\NorMac\Desktop\Sophos Virus Removal Tool(i).exe
2015-01-02 17:31 - 2015-01-02 17:xl - 01771732 _____ (Sophos Express) C:\Users\NorMac\Downloads\Unconfirmed 257443.crdownload
2015-01-02 12:53 - 2015-01-02 12:53 - 06824304 _____ (ParetoLogic, Inc.) C:\Users\NorMac\Downloads\Repair_Tool.exe
2015-01-02 12:42 - 2015-01-02 12:42 - 00000794 _____ () C:\WINDOWS\setupact.log
2015-01-02 12:42 - 2015-01-02 12:42 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-02 09:03 - 2015-01-02 09:03 - 00000999 _____ () C:\Users\NorMac\Desktop\magicJack.lnk
2015-01-01 22:21 - 2015-01-01 22:21 - 00050508 _____ () C:\Users\NorMac\Desktop\cc_20150101_222046.reg
2015-01-01 21:44 - 2015-01-01 21:45 - 125705984 _____ (Microsoft Corporation) C:\Users\NorMac\Downloads\msert.exe
2015-01-01 21:03 - 2015-01-01 21:03 - 00002774 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-01-01 21:03 - 2015-01-01 21:03 - 00000786 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-01 21:03 - 2015-01-01 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Commencement Menu\Programs\CCleaner
2015-01-01 21:03 - 2015-01-01 21:03 - 00000000 ____D () C:\Programme Files\CCleaner
2015-01-01 21:02 - 2015-01-01 21:02 - 05317104 _____ (Piriform Ltd) C:\Users\NorMac\Downloads\ccsetup501.exe
2015-01-01 19:xv - 2015-01-01 19:30 - 00002278 _____ () C:\Users\NorMac\Desktop\Rkill.txt
2014-12-31 22:19 - 2015-01-03 23:24 - 00451271 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-31 22:17 - 2014-12-31 22:eighteen - 00511088 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-31 xix:57 - 2014-12-31 19:57 - 00149144 _____ () C:\Users\NorMac\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-30 twenty:11 - 2014-12-30 xx:11 - 00516603 _____ () C:\Users\NorMac\Downloads\2813_timeline_business_plan.naught
2014-12-30 20:10 - 2014-12-30 twenty:eleven - 00436139 _____ () C:\Users\NorMac\Downloads\2828-timeline-gantt-ppt.null
2014-12-30 twenty:x - 2014-12-xxx 20:10 - 00216114 _____ () C:\Users\NorMac\Downloads\marketing-plan-timeline-template.zip
2014-12-thirty 20:09 - 2014-12-30 xx:10 - 00172321 _____ () C:\Users\NorMac\Downloads\partner-development-powerpoint-timeline(1).zip
2014-12-30 20:09 - 2014-12-30 20:09 - 00188111 _____ () C:\Users\NorMac\Downloads\resume-timeline-career-path.nix
2014-12-30 20:08 - 2014-12-30 20:09 - 00172321 _____ () C:\Users\NorMac\Downloads\partner-evolution-powerpoint-timeline.zip
2014-12-thirty 20:07 - 2014-12-thirty 20:07 - 00138727 _____ () C:\Users\NorMac\Downloads\1028_schedule_ppt.zip
2014-12-xxx 20:06 - 2014-12-30 xx:06 - 00348531 _____ () C:\Users\NorMac\Downloads\980_post_it_ppt.zip
2014-12-thirty 20:03 - 2014-12-thirty twenty:03 - 00081088 _____ () C:\Users\NorMac\Downloads\51.zip
2014-12-30 twenty:01 - 2014-12-thirty 20:01 - 00626823 _____ () C:\Users\NorMac\Downloads\188.nil
2014-12-xxx 19:47 - 2014-12-30 19:47 - 00317699 _____ () C:\Users\NorMac\Downloads\1737_children_ppt.zip
2014-12-30 19:47 - 2014-12-30 19:47 - 00242204 _____ () C:\Users\NorMac\Downloads\881_puppies walking blue_ppt.nil
2014-12-thirty 19:47 - 2014-12-30 19:47 - 00191683 _____ () C:\Users\NorMac\Downloads\1992_turtle_ppt.zip
2014-12-thirty xix:46 - 2014-12-30 nineteen:46 - 00549822 _____ () C:\Users\NorMac\Downloads\1791_childhood_ppt.aught
2014-12-thirty 19:44 - 2014-12-thirty 19:45 - 00296313 _____ () C:\Users\NorMac\Downloads\846_twitter_ppt.zip
2014-12-thirty nineteen:42 - 2014-12-30 19:42 - 00316625 _____ () C:\Users\NorMac\Downloads\329_white_horse_ppt.zip
2014-12-29 21:00 - 2014-12-29 21:00 - 13087456 _____ (Microsoft Corporation) C:\Users\NorMac\Downloads\Silverlight_x64 (2).exe
2014-12-29 20:56 - 2014-12-29 20:56 - 00079991 _____ () C:\Users\NorMac\Downloads\silverlight.diagcab
2014-12-28 22:43 - 2014-12-29 21:08 - 00003344 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-ane-5-21-485173556-832918840-2370493585-1000
2014-12-28 22:43 - 2014-12-29 21:08 - 00003212 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-485173556-832918840-2370493585-grand
2014-12-28 nineteen:39 - 2014-12-28 15:16 - 00000000 __SHD () C:\Jumpshot
2014-12-28 19:37 - 2014-12-28 22:36 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2014-12-26 20:17 - 2014-12-26 20:44 - 00000247 _____ () C:\WINDOWS\system32\2014-12-27-01-17-00.093-aswFe.exe-1596.log
2014-12-26 20:16 - 2014-12-26 20:16 - 00000197 _____ () C:\WINDOWS\system32\2014-12-27-01-sixteen-49.018-AvastVBoxSVC.exe-11984.log
2014-12-26 fifteen:23 - 2014-12-26 fifteen:37 - 00000247 _____ () C:\WINDOWS\system32\2014-12-26-twenty-23-30.049-aswFe.exe-13796.log
2014-12-26 xv:22 - 2014-12-26 fifteen:22 - 00000197 _____ () C:\WINDOWS\system32\2014-12-26-20-22-43.029-AvastVBoxSVC.exe-6888.log
2014-12-26 14:thirteen - 2014-12-26 14:22 - 00000247 _____ () C:\WINDOWS\system32\2014-12-26-xix-13-36.033-aswFe.exe-14272.log
2014-12-26 14:13 - 2014-12-26 14:13 - 00000197 _____ () C:\WINDOWS\system32\2014-12-26-19-13-29.055-AvastVBoxSVC.exe-4232.log
2014-12-25 xv:36 - 2014-12-25 15:37 - 00000197 _____ () C:\WINDOWS\system32\2014-12-25-twenty-36-08.072-AvastVBoxSVC.exe-3668.log
2014-12-25 xv:35 - 2014-11-26 xvi:11 - 00714184 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-12-25 xv:35 - 2014-11-26 16:11 - 00106440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-25 15:10 - 2014-12-25 15:19 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-25 15:08 - 2014-10-08 23:00 - 01519104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2014-12-25 15:08 - 2014-ten-08 23:00 - 01484288 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-12-25 15:08 - 2014-10-08 23:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2014-12-25 15:08 - 2014-ten-08 22:59 - 01195520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2014-12-25 fifteen:08 - 2014-x-08 22:59 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2014-12-25 12:06 - 2014-12-25 12:07 - 00000197 _____ () C:\WINDOWS\system32\2014-12-25-17-06-44.062-AvastVBoxSVC.exe-4776.log
2014-12-24 18:51 - 2014-12-24 18:53 - 00000000 ____D () C:\Users\NorMac\AppData\Roaming\EPIM-Outlook Sync
2014-12-24 18:50 - 2014-12-24 18:l - 00000849 _____ () C:\Users\Public\Desktop\EPIM-Outlook Sync.lnk
2014-12-24 xviii:50 - 2014-12-24 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Card\Programs\EPIM-Outlook Sync
2014-12-24 xviii:50 - 2014-12-24 eighteen:fifty - 00000000 ____D () C:\Plan Files\EPIM-Outlook Sync
2014-12-24 18:11 - 2014-12-24 eighteen:11 - 00000000 ____D () C:\Users\NorMac\Documents\NorMac
2014-12-24 17:34 - 2014-12-24 17:34 - 16227712 _____ () C:\Users\NorMac\Downloads\EssentialPIMPro6(1).exe
2014-12-24 16:51 - 2014-12-24 16:53 - 00000197 _____ () C:\WINDOWS\system32\2014-12-24-21-51-58.024-AvastVBoxSVC.exe-3700.log
2014-12-23 08:51 - 2014-12-23 08:51 - 00000197 _____ () C:\WINDOWS\system32\2014-12-23-thirteen-51-00.058-AvastVBoxSVC.exe-4720.log
2014-12-22 18:08 - 2014-12-22 xviii:10 - 00000197 _____ () C:\WINDOWS\system32\2014-12-22-23-08-39.021-AvastVBoxSVC.exe-3512.log
2014-12-21 17:51 - 2014-12-21 17:51 - 00000247 _____ () C:\WINDOWS\system32\2014-12-21-22-51-fourteen.079-aswFe.exe-5972.log
2014-12-21 17:45 - 2014-12-21 17:50 - 00000247 _____ () C:\WINDOWS\system32\2014-12-21-22-45-52.048-aswFe.exe-9344.log
2014-12-21 17:45 - 2014-12-21 17:45 - 00000197 _____ () C:\WINDOWS\system32\2014-12-21-22-45-50.034-AvastVBoxSVC.exe-8124.log
2014-12-xx 21:34 - 2014-12-20 21:35 - 00000247 _____ () C:\WINDOWS\system32\2014-12-21-02-34-57.092-aswFe.exe-5748.log
2014-12-xx 21:xxx - 2014-12-xx 21:34 - 00000247 _____ () C:\WINDOWS\system32\2014-12-21-02-30-36.025-aswFe.exe-5252.log
2014-12-twenty 21:30 - 2014-12-20 21:thirty - 00000197 _____ () C:\WINDOWS\system32\2014-12-21-02-30-32.062-AvastVBoxSVC.exe-4584.log
2014-12-20 fifteen:20 - 2014-12-20 15:23 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2014-12-20 fifteen:20 - 2014-12-xx 15:23 - 00000000 ____D () C:\WINDOWS\system32\vbox
2014-12-20 10:58 - 2014-12-20 10:58 - 00001928 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-20 ten:58 - 2014-12-twenty 10:57 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-12-20 ten:57 - 2014-12-20 10:57 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-12-19 10:27 - 2014-12-30 18:26 - 00000000 ____D () C:\Users\NorMac\Downloads\NY Cooperative Loan Recognition Agreement_files
2014-12-19 ten:27 - 2014-12-19 ten:27 - 00026190 _____ () C:\Users\NorMac\Downloads\NY Cooperative Loan Recognition Agreement.html
2014-12-17 14:04 - 2014-12-17 14:04 - 02166272 _____ () C:\Users\NorMac\Downloads\adwcleaner_4.105.exe
2014-12-16 22:49 - 2014-12-23 20:33 - 00065536 ____H () C:\Users\NorMac\Documents\~Outlook-12345.pst.tmp
2014-12-xvi 22:34 - 2014-12-31 21:42 - 00000000 ____D () C:\Users\NorMac\AppData\Roaming\EssentialPIM Pro
2014-12-16 22:34 - 2014-12-24 18:22 - 00001087 _____ () C:\Users\Public\Desktop\EssentialPIM Pro.lnk
2014-12-16 22:34 - 2014-12-16 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EssentialPIM Pro
2014-12-16 22:34 - 2014-12-xvi 22:34 - 00000000 ____D () C:\Plan Files (x86)\EssentialPIM Pro
2014-12-sixteen 22:32 - 2014-12-16 22:32 - 16279040 _____ () C:\Users\NorMac\Downloads\EssentialPIMPro6.exe
2014-12-16 21:10 - 2014-12-16 21:ten - 00012540 _____ () C:\Users\NorMac\Documents\cc_20141216_211001.reg
2014-12-10 09:59 - 2014-12-10 09:59 - 00085862 _____ () C:\Users\NorMac\Documents\cc_20141210_095952.reg
2014-12-x 09:39 - 2014-11-21 03:38 - 02237952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-10 09:39 - 2014-xi-21 03:38 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 09:39 - 2014-11-21 03:37 - 01409536 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-10 09:39 - 2014-eleven-21 03:37 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-12-10 09:39 - 2014-xi-21 03:37 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-12-10 09:39 - 2014-eleven-21 03:36 - 19283456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-10 09:39 - 2014-11-21 03:36 - 15400960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-ten 09:39 - 2014-eleven-21 03:36 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-10 09:39 - 2014-11-21 03:36 - 02655232 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-10 09:39 - 2014-11-21 03:36 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-10 09:39 - 2014-11-21 03:36 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-10 09:39 - 2014-11-21 03:36 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-12-x 09:39 - 2014-eleven-21 03:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-10 09:39 - 2014-11-21 03:36 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 09:39 - 2014-11-21 03:36 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-12-10 09:39 - 2014-11-21 03:36 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-12-x 09:39 - 2014-11-21 03:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-10 09:39 - 2014-11-21 03:36 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-12-10 09:39 - 2014-eleven-21 03:36 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-12-10 09:39 - 2014-11-21 03:36 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-12-ten 09:39 - 2014-11-21 03:35 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-x 09:39 - 2014-11-21 02:17 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 09:39 - 2014-11-21 02:17 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 09:39 - 2014-eleven-21 02:17 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-12-10 09:39 - 2014-11-21 02:17 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 09:39 - 2014-11-21 02:17 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-12-x 09:39 - 2014-11-21 02:16 - 13758976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-x 09:39 - 2014-xi-21 02:sixteen - 02054656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 09:39 - 2014-11-21 02:sixteen - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-ten 09:39 - 2014-11-21 02:16 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 09:39 - 2014-11-21 02:sixteen - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 09:39 - 2014-xi-21 02:xvi - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-12-10 09:39 - 2014-eleven-21 02:16 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 09:39 - 2014-11-21 02:xvi - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-ten 09:39 - 2014-11-21 02:16 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-12-10 09:39 - 2014-xi-21 02:sixteen - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-12-x 09:39 - 2014-eleven-21 02:16 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-12-10 09:39 - 2014-eleven-21 02:16 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-12-10 09:39 - 2014-11-21 02:00 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-12-10 09:39 - 2014-11-21 01:54 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-12-x 09:39 - 2014-11-xx 23:xxx - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-12-10 09:39 - 2014-x-11 02:44 - 19764736 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-12-10 09:39 - 2014-ten-11 00:57 - 17562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-12-x 09:39 - 2014-10-08 22:59 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-12-10 09:39 - 2014-x-08 22:59 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-12-10 09:39 - 2014-ten-08 22:58 - 00458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-12-ten 09:39 - 2014-09-22 00:38 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-12-x 09:39 - 2014-09-21 22:56 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-12-x 09:39 - 2014-09-17 18:24 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2014-12-ten 09:39 - 2014-09-17 xviii:24 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2014-12-10 09:39 - 2014-09-17 18:24 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srm.dll
2014-12-10 09:39 - 2014-09-17 xviii:24 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adrclient.dll
2014-12-10 09:39 - 2014-09-17 17:57 - 01346560 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2014-12-10 09:39 - 2014-09-17 17:57 - 00652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2014-12-10 09:39 - 2014-09-17 17:57 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm.dll
2014-12-10 09:39 - 2014-09-17 17:57 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\adrclient.dll
2014-12-x 09:38 - 2014-11-21 02:17 - 14364672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 09:38 - 2014-11-21 02:16 - 02861568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 09:38 - 2014-11-06 01:50 - 01627648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 09:38 - 2014-11-06 00:03 - 01339392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-08 22:56 - 2014-12-08 22:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-07 12:31 - 2014-12-17 fourteen:10 - 00000000 ____D () C:\AdwCleaner
2014-12-07 12:31 - 2014-12-07 12:31 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-06 23:35 - 2014-12-06 23:54 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-12-06 23:xxx - 2014-12-17 13:55 - 00096472 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-12-06 23:xxx - 2014-12-17 13:55 - 00000000 ____D () C:\Users\NorMac\Desktop\mbar
2014-12-06 23:29 - 2014-12-06 23:29 - 01944824 _____ (Bleeping Estimator, LLC) C:\Users\NorMac\Downloads\rkill.exe
2014-12-06 23:28 - 2014-12-06 23:29 - 01707646 _____ (Thisisu) C:\Users\NorMac\Downloads\JRT (1).exe
2014-12-06 23:02 - 2014-12-06 23:02 - 00001069 _____ () C:\Users\NorMac\Documents\checkup.txt
2014-12-06 09:56 - 2014-12-06 09:56 - 00002008 _____ () C:\Users\Public\Desktop\HP Print and Browse Doc.lnk
2014-12-06 09:34 - 2014-12-06 09:34 - 00003618 _____ () C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet Pro 8610
2014-12-06 09:33 - 2014-12-06 09:33 - 00002164 _____ () C:\Users\Public\Desktop\HP Officejet Pro 8610.lnk
2014-12-06 09:33 - 2014-03-06 12:51 - 00763912 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPM7112.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will exist moved.)

2015-01-04 09:04 - 2013-05-10 x:44 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-04 09:02 - 2013-05-01 19:34 - 00000000 ____D () C:\Users\NorMac\AppData\Local\CrashDumps
2015-01-04 09:00 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-04 08:32 - 2012-07-26 02:28 - 00852298 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-04 08:29 - 2013-02-28 12:24 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-03 23:28 - 2014-07-26 10:58 - 00000588 _____ () C:\WINDOWS\Tasks\G2MUpdateTask-Southward-1-5-21-485173556-832918840-2370493585-one thousand.job
2015-01-03 22:34 - 2012-12-xix 04:36 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Offset Menu Cache Files-S-1-5-21-485173556-832918840-2370493585-1000
2015-01-03 22:32 - 2014-06-10 12:45 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-01-03 22:30 - 2013-05-x 10:44 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-03 22:29 - 2012-07-26 02:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-02 09:03 - 2013-09-14 10:47 - 00000000 ____D () C:\Users\NorMac\AppData\Roaming\mjusbsp
2015-01-02 09:03 - 2013-09-14 10:39 - 00000985 _____ () C:\Users\NorMac\AppData\Roaming\Microsoft\Windows\Start Bill of fare\Programs\magicJack.lnk
2015-01-01 20:36 - 2012-12-19 04:11 - 00000000 ____D () C:\Users\NorMac
2015-01-01 xx:28 - 2014-10-06 20:30 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-01-01 20:28 - 2014-10-06 twenty:21 - 00000000 ____D () C:\ProgramData\SUPPORTDIR
2015-01-01 20:28 - 2013-02-11 18:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Data
2015-01-01 20:21 - 2013-08-07 nineteen:49 - 00000000 ____D () C:\ProgramData\Apple
2015-01-01 13:22 - 2013-02-04 18:35 - 01111552 ___SH () C:\Users\NorMac\Downloads\Thumbs.db
2014-12-31 22:28 - 2013-04-28 12:58 - 00000000 ____D () C:\Users\NorMac\Desktop\4-X-13 TO DO Binder
2014-12-31 22:nineteen - 2013-01-fourteen xix:42 - 00000000 ____D () C:\ProgramData\Western Digital
2014-12-31 22:13 - 2013-09-09 xiv:54 - 00000000 ____D () C:\Users\NorMac\AppData\Roaming\Audacity
2014-12-30 18:39 - 2012-12-xx 01:00 - 02285056 ___SH () C:\Users\NorMac\Desktop\Thumbs.db
2014-12-30 18:26 - 2014-10-23 11:43 - 00000000 ____D () C:\Users\NorMac\Downloads\Ansonia-Milford JD Directions - CT Judicial Branch_files
2014-12-xxx 17:20 - 2012-11-09 13:01 - 00000000 ____D () C:\Users\NorMac\Documents\9-Sony IC recorder files
2014-12-28 20:15 - 2012-12-xix 04:11 - 06815744 ___SH () C:\Users\NorMac\.ghost-ntfs-3g-00000000000000000013
2014-12-28 xx:fifteen - 2012-07-26 00:26 - 95944704 _____ () C:\WINDOWS\system32\config\.ghost-ntfs-3g-00000000000000000001
2014-12-28 20:15 - 2012-07-26 00:26 - 34603008 _____ () C:\WINDOWS\system32\config\.ghost-ntfs-3g-00000000000000000003
2014-12-26 13:55 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-25 17:36 - 2014-x-14 16:30 - 00000000 ____D () C:\Users\NorMac\AppData\Roaming\vlc
2014-12-25 15:35 - 2013-07-10 15:32 - 00000884 __RSH () C:\Users\NorMac\ntuser.pol
2014-12-25 xv:27 - 2012-07-26 03:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-12-25 15:27 - 2012-07-26 03:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Offset Menu\Programs\System Tools
2014-12-25 15:27 - 2012-07-26 03:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Card\Programs\System Tools
2014-12-25 15:27 - 2012-07-26 03:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Bill of fare\Programs\Accessories
2014-12-25 xv:27 - 2012-07-26 03:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-25 fifteen:27 - 2012-07-26 03:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-25 fifteen:22 - 2012-12-twenty 00:30 - 00000000 ____D () C:\ProgramData\Microsoft Assistance
2014-12-24 16:34 - 2014-02-06 22:11 - 2011317248 _____ () C:\Users\NorMac\Documents\Outlook-12345.pst
2014-12-24 16:19 - 2014-07-26 10:58 - 00003592 _____ () C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-one-five-21-485173556-832918840-2370493585-one thousand
2014-12-22 19:09 - 2014-11-10 xviii:51 - 00000000 ____D () C:\Users\NorMac\AppData\Roaming\EssentialPIM
2014-12-22 18:44 - 2013-06-07 12:20 - 00000000 ____D () C:\Users\NorMac\Desktop\Sutton Place Properties LLC
2014-12-21 20:46 - 2012-12-19 17:58 - 00000000 ____D () C:\Users\NorMac\AppData\Local\CutePDF Writer
2014-12-20 22:05 - 2012-12-20 00:42 - 00000000 ____D () C:\Users\NorMac\AppData\Local\HP
2014-12-20 15:fifteen - 2014-02-11 23:54 - 00000000 ____D () C:\Users\NorMac\AppData\Local\NETGEARGenie
2014-12-20 xv:10 - 2012-07-26 00:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-20 10:58 - 2014-06-10 12:45 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-12-20 ten:57 - 2014-06-10 12:45 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-12-xx 10:57 - 2014-06-10 12:45 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-12-20 ten:57 - 2014-06-10 12:45 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-12-20 10:57 - 2014-06-10 12:45 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-12-20 x:57 - 2014-06-x 12:45 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-12-20 10:57 - 2014-06-10 12:45 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-12-twenty x:57 - 2014-06-10 12:45 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-12-xx 08:12 - 2012-07-26 00:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-12-sixteen twenty:45 - 2012-12-27 18:49 - 00000000 ____D () C:\WINDOWS\Minidump
2014-12-16 00:56 - 2013-03-01 08:59 - 00030208 _____ () C:\Users\NorMac\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-14 14:33 - 2012-12-19 18:06 - 00000000 ____D () C:\Users\NorMac\AppData\Local\Adobe
2014-12-14 x:28 - 2013-02-06 17:44 - 00545792 ___SH () C:\Users\NorMac\Documents\Thumbs.db
2014-12-12 23:14 - 2013-05-ten 10:45 - 00002187 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 08:45 - 2012-12-19 04:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 08:36 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-12-07 17:18 - 2014-12-02 21:xi - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-12-07 12:50 - 2013-eleven-xx 00:thirteen - 00001083 _____ () C:\Users\NorMac\AppData\Roaming\Microsoft\Windows\Showtime Carte\Programs\Search.lnk
2014-12-06 23:35 - 2014-04-08 17:40 - 00135384 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-06 09:56 - 2012-12-20 00:49 - 00000000 ____D () C:\ProgramData\HP
2014-12-06 09:56 - 2012-12-twenty 00:49 - 00000000 ____D () C:\Plan Files (x86)\HP
2014-12-06 09:40 - 2012-12-twenty 00:fifty - 00000000 ____D () C:\Users\NorMac\AppData\Roaming\HpUpdate
2014-12-06 09:35 - 2014-09-25 12:03 - 00000000 ____D () C:\Programme Files (x86)\Hewlett-Packard
2014-12-06 09:34 - 2012-12-20 00:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-12-06 09:thirty - 2012-12-xx 00:49 - 00000000 ____D () C:\Program Files\HP

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-03 03:01

==================== End Of Log ============================

//////////////// (ii) Addition.TXT REPORT

Boosted scan upshot of Farbar Recovery Browse Tool (x64) Version: 03-01-2015 03
Ran past NorMac at 2015-01-04 09:11:36
Running from C:\Users\NorMac\Downloads
Kick Way: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, information technology will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
As: Windows Defender (Disabled - Out of appointment) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
As: Spybot - Search and Destroy (Enabled - Out of appointment) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
Every bit: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
6400_Help (x32 Version: ane.00.0000 - Hewlett-Packard) Hidden
8GadgetPack (HKLM-x32\...\{DE18940E-5986-480A-8518-7327D14756D3}) (Version: 6.0.0 - Helmut Buhler)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Actor NPAPI) (Version: xvi.0.0.235 - Adobe Systems Incorporated)
Adobe Reader Xi (xi.0.03) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Shockwave Role player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Ashampoo Burning Studio 2013 v.xi.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG)
Ask Toolbar (HKLM-x32\...\{41525333-0076-A76A-76A7-A758B70B0A00}) (Version: 11.10.0.748 - Ask Partner Network) <==== Attending
Brazenness 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
Avast Gratis Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 8.three.three.535 - Online Media Technologies Ltd.)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.iii.132.0 - Microsoft Corporation)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Subconscious
BPDSoftware (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: one.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Camtasia Studio 8 (HKLM-x32\...\{DB93E2C2-851F-44B2-B09C-351D2C624AE1}) (Version: eight.0.4.1060 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{C57F6C71-C365-4AFF-9108-397BBAD6127F}) (Version: one.0.204 - Citrix)
Cradle of Rome (HKLM-x32\...\exent_554750) (Version: - )
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Digital Voice Editor 3 (HKLM-x32\...\{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}) (Version: three.iii.01.11240 - Sony Corporation)
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-485173556-832918840-2370493585-chiliad\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
eFax Messenger (HKLM-x32\...\{DF6DA606-904D-4C18-823F-A4CFC3035E53}) (Version: four.4.2.533 - j2 Global)
EPIM-Outlook Sync (HKLM-x32\...\EPIM-Outlook Sync) (Version: vi.0 - Astonsoft Ltd)
EssentialPIM (HKLM-x32\...\EssentialPIM) (Version: 6.02 - Astonsoft Ltd)
EssentialPIM Pro (HKLM-x32\...\EssentialPIM Pro) (Version: 6.03 - Astonsoft Ltd)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Subconscious
FileZilla Customer 3.6.0.2 (HKLM-x32\...\FileZilla Customer) (Version: 3.6.0.two - FileZilla Project)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.iii.25.xi - Google Inc.) Subconscious
Google+ Auto Fill-in (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GoToMeeting 7.0.five.2130 (HKU\Due south-1-five-21-485173556-832918840-2370493585-1000\...\GoToMeeting) (Version: 7.0.five.2130 - CitrixOnline)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Heroes of Hellas (HKLM-x32\...\exent_532150) (Version: - )
HMA! Pro VPN 2.8.1.10 (HKLM-x32\...\HMA! Pro VPN) (Version: two.8.1.ten - )
HP Customer Participation Program fourteen.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: fourteen.0 - HP)
HP OfficeJet J6400 14.0 Rel. 6 (HKLM\...\{4B4B81D9-3C2C-4388-A281-40F3299B911E}) (Version: xiv.0 - HP)
HP Officejet Pro 8600 Bones Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8610 Basic Device Software (HKLM\...\{DAE3B13B-5097-4EAE-BC26-C463377BD80E}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Help (HKLM-x32\...\{F9569D00-4576-46C8-B6C7-207A4FD39745}) (Version: 32.0.0 - Hewlett Packard)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: xi.51.0027 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: i.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Subconscious
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.iii.4.0 - HP)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.one.5.5 - Apple Inc.)
J6400 (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
LTCM Client (HKLM-x32\...\{B38E9B55-7136-4E66-A084-320512FF3F6F}) (Version: 1.20.3792 - Leader Technologies Inc)
magicJack (HKU\S-i-5-21-485173556-832918840-2370493585-one thousand\...\magicJack) (Version: iv.1.7574.5297 - magicJack Fifty.P.)
Malwarebytes' Anti-Malware (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Subconscious
McAfee Security Browse Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.i - McAfee, Inc.)
Media Role player Classic - Home Cinema v1.5.2.3456 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: one.5.2.3456 - MPC-HC Team)
Microsoft Function 2007 Main Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Role Project Professional 2007 (HKLM-x32\...\PRJPRO) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 1.0.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: eight.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: ix.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: ten.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.3.0 (x86 en-US)) (Version: 31.3.0 - Mozilla)
mPlayer version 1.0 (HKLM-x32\...\{B482E758-D602-434C-80B9-DDEFEEAE4BCA}_is1) (Version: 1.0 - Download Freely, LLC)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero BurnLite 10 (HKLM-x32\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero BurnLite x (HKLM-x32\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.3.1.16 - NETGEAR Inc.)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: xiv.0 - HP)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Product Comeback Study for HP Officejet Pro 8610 (HKLM\...\{710F7B0F-A679-4314-8E69-E868B660FAEA}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
ProductContext (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
QuickBooks Pro 2009 (HKLM-x32\...\{9A2F0810-3622-4E86-9072-973FBE1679C5}) (Version: 19.0.4001.703 - Intuit Inc.)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Subconscious
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealUpgrade 1.one (x32 Version: one.ane.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Subconscious
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: ii.five.4 - Sophos Limited)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: ii.3.39 - Safer-Networking Ltd.)
Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: i.20 - Stardock Software, Inc.)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.half-dozen.1010 - SUPERAntiSpyware.com)
SupportSoft Assisted Service (HKLM-x32\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Subconscious
TaxACT 2006 (HKLM-x32\...\TaxACT 2006) (Version: - 2nd Story Software, Inc.)
TaxACT 2007 (HKLM-x32\...\TaxACT 2007) (Version: - 2nd Story Software, Inc.)
TaxACT 2008 (HKLM-x32\...\TaxACT 2008) (Version: - 2nd Story Software, Inc.)
TaxACT 2010 (HKLM-x32\...\TaxACT 2010) (Version: - 2nd Story Software, Inc.)
TaxACT 2010 New York (HKLM-x32\...\TaxACT 2010 New York) (Version: - 2nd Story Software, Inc.)
TaxACT 2012 - 1040 Edition (HKLM-x32\...\TaxACT 2012 - 1040 Edition) (Version: - 2nd Story Software, Inc.)
TaxACT 2012 - 1120 Edition (HKLM-x32\...\TaxACT 2012 - 1120 Edition) (Version: - 2nd Story Software, Inc.)
TaxACT 2012 New York - 1120 Edition (HKLM-x32\...\TaxACT 2012 New York - 1120 Edition) (Version: - 2nd Story Software, Inc.)
TaxACT 2012 New York (HKLM-x32\...\TaxACT 2012 New York) (Version: - 2nd Story Software, Inc.)
TaxACT 2013 - 1040 Edition (HKLM-x32\...\TaxACT 2013 - 1040 Edition) (Version: - TaxACT, Inc.)
TaxACT 2013 - 1120 Edition (HKLM-x32\...\TaxACT 2013 - 1120 Edition) (Version: - TaxACT, Inc.)
TaxACT 2013 New York - 1120 Edition (HKLM-x32\...\TaxACT 2013 New York - 1120 Edition) (Version: - TaxACT, Inc.)
TaxACT 2013 New York (HKLM-x32\...\TaxACT 2013 New York) (Version: - TaxACT, Inc.)
Time Riddles: The Mansion (HKLM-x32\...\exent_683150) (Version: - )
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
TurboTax 2009 (HKLM-x32\...\TurboTax 2009) (Version: - Intuit, Inc)
TurboTax Business 2010 (HKLM-x32\...\TurboTax Business 2010) (Version: - Intuit, Inc)
Unity Web Player (HKU\S-1-5-21-485173556-832918840-2370493585-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Visual Studio 2005 Tools for Role Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Role Runtime) (Version: - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media histrion) (Version: 2.1.v - VideoLAN)
WD SmartWare (HKLM\...\{07179D37-D5FE-4373-90D9-A25B992EFB3E}) (Version: 1.four.5.5 - Western Digital)
WD SmartWare (HKLM\...\{9798BB87-01B9-4D46-8EA0-6681E72BDE87}) (Version: 1.half dozen.5.2 - Western Digital Technologies, Inc.)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Subconscious
WinRAR 4.twenty (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip Courier (HKLM-x32\...\{CD95F661-A5C4-11AF-B2CC-ABCD21A325BC}) (Version: iv.five.10424 - WinZip Computing, Southward.L. )
Wondershare DVD Creator(Build ii.6.five) (HKLM-x32\...\Wondershare DVD Creator_is1) (Version: - Wondershare)
XMind 2012 (v3.3.1) (HKLM-x32\...\XMind_is1) (Version: 3.3.one.201212250029 - XMind Ltd.)
Your Software Deals i.0.0 (HKLM-x32\...\Your Software Deals_is1) (Version: one.0.0 - Ashampoo GmbH & Co. KG)
Youtube Downloader HD five. 2.9.9.14 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
Zimbra Desktop (HKLM-x32\...\{B88E669F-9435-4677-A308-2D2690301754}) (Version: 7.2.5.12038 - Zimbra)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, information technology will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-485173556-832918840-2370493585-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-v-21-485173556-832918840-2370493585-1000_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\NorMac\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-485173556-832918840-2370493585-1000_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Plan Files (x86)\WinZip Courier\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-485173556-832918840-2370493585-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\NorMac\AppData\Local\Citrix\GoToMeeting\1440\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-i-5-21-485173556-832918840-2370493585-1000_Classes\CLSID\{943F19B2-32F9-4373-8D4C-DBE62B95F2CF}\InprocServer32 -> C:\Programme Files (x86)\WinZip Courier\adxloader64.dll ()
CustomCLSID: HKU\S-1-five-21-485173556-832918840-2370493585-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the information entry has 251 more than characters). <==== Poweliks?
CustomCLSID: HKU\S-ane-five-21-485173556-832918840-2370493585-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NorMac\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-485173556-832918840-2370493585-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NorMac\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-485173556-832918840-2370493585-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NorMac\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\Southward-1-v-21-485173556-832918840-2370493585-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NorMac\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 00:26 - 2014-10-30 09:38 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, information technology will be removed from registry. Any associated file could be listed separately to exist moved.)

Task: {0F8B3B22-4EA7-489F-8045-C48E18D91FA6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy ii\SDUpdate.exe
Task: {1983858A-6EB9-4995-A988-409BF0C1868B} - System32\Tasks\avast! Emergency Update => C:\Plan Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-xx] (AVAST Software)
Job: {2769D9A0-4920-4AD7-9487-C5D5B4847B0A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {48802F80-ED7F-430C-8645-3D1C31C0C1D1} - System32\Tasks\Open Chrome => Chrome.exe --new-window http://toolbar.avg.com/near-washed?pid=safeguard&amp;lang=en
Task: {5A6D7855-2CB0-44BD-88B3-1032F9F78CB9} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-ane-5-21-485173556-832918840-2370493585-k => C:\Plan Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-xiv] (RealNetworks, Inc.)
Task: {5DF0BDA0-D387-4B0B-AC1E-2A7A9F53C912} - System32\Tasks\G2MUpdateTask-S-1-5-21-485173556-832918840-2370493585-1000 => C:\Users\NorMac\AppData\Local\Citrix\GoToMeeting\2130\g2mupdate.exe [2014-12-24] (Citrix Online, a sectionalisation of Citrix Systems, Inc.)
Task: {606FCEDA-6C92-4E27-9427-ED08F354ED58} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-v-21-485173556-832918840-2370493585-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {60DCDFEB-EDCB-4A6C-BF6D-E1CA8016626A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-27] (Microsoft Corporation)
Task: {6FFB3B73-4E27-4117-9EA3-C2FC754F573B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Plan Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {7E5D0F91-D775-4A0A-83B3-5F3D2FA6F788} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-10] (Google Inc.)
Chore: {8F297ACA-A8AE-4D92-AF56-46D73B58F602} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-485173556-832918840-2370493585-g => C:\Programme Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {907BBD30-74CB-40E6-AA8F-AD8005FB2A5A} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-one-5-21-485173556-832918840-2370493585-thousand => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {AD9B9AED-42BA-4E4C-8632-14F0FE33165F} - System32\Tasks\{4851C7F9-7E33-46BC-8896-C0A9DCBDA153} => pcalua.exe -a C:\ProgramData\BrowserProtect\ii.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe -c /Uninstall /{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} /su=3c3d33e7d8853371 /um
Task: {AE7F524C-65FC-4D54-93A4-045E7D9F1F3A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {C203381B-56CD-4040-A1DE-B48855B365C5} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-i-5-21-485173556-832918840-2370493585-chiliad => C:\Program Files (x86)\Existent\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Job: {CBB23B04-EB3C-4940-BF29-43281C27A1D1} - System32\Tasks\HPCustParticipation HP Officejet Pro 8610 => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Job: {CD6CF9B9-297B-4922-8B33-DE74C19328CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-10] (Google Inc.)
Job: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-485173556-832918840-2370493585-1000.job => C:\Users\NorMac\AppData\Local\Citrix\GoToMeeting\2130\g2mupdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.task => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Open Chrome.job => c:\program files (x86)\Google\Chrome\Application\chrome.exe

==================== Loaded Modules (whitelisted) =============

2012-12-19 17:57 - 2012-10-04 22:49 - 00087152 _____ () C:\WINDOWS\System32\cpwmon64.dll
2013-08-fourteen 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2011-03-09 10:41 - 2011-03-09 10:41 - 01066896 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
2011-03-09 10:41 - 2011-03-09 10:41 - 00491920 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
2013-07-thirteen 17:02 - 2013-01-12 13:33 - 00012520 _____ () C:\Users\NorMac\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\CoreTempReader.dll
2013-07-13 17:02 - 2013-01-12 xiii:33 - 00015080 _____ () C:\Users\NorMac\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\GetCoreTempInfoNET.dll
2013-07-13 17:02 - 2013-01-12 xiii:33 - 00014056 _____ () C:\Users\NorMac\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\SystemInfo.dll
2013-11-xiv 08:12 - 2013-xi-14 08:12 - 00105216 _____ () C:\Programme Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
2015-01-03 12:07 - 2015-01-03 12:07 - 02909696 _____ () C:\Plan Files\AVAST Software\Avast\defs\15010301\algo.dll
2015-01-04 08:44 - 2015-01-04 08:44 - 02909696 _____ () C:\Programme Files\AVAST Software\Avast\defs\15010400\algo.dll
2014-06-06 11:56 - 2014-04-25 13:eleven - 00109400 _____ () C:\Plan Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-06-06 11:56 - 2014-04-25 13:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-06-06 11:56 - 2014-04-25 xiii:11 - 00416600 _____ () C:\Plan Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-06-06 xi:56 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy ii\sqlite3.dll
2014-06-06 11:56 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2010-03-05 08:24 - 2010-03-05 08:24 - 00886272 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front end Parlor\WDFME\System.Data.SQLite.dll
2013-09-28 twenty:13 - 2013-09-28 20:thirteen - 00544817 _____ () C:\Plan Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2013-09-28 20:13 - 2013-09-28 20:xiii - 00989805 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libstdc++-6.dll
2013-09-28 20:14 - 2013-09-28 20:fourteen - 03369922 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\icuin51.dll
2013-09-28 20:14 - 2013-09-28 xx:14 - 01978690 _____ () C:\Plan Files (x86)\NETGEAR Genie\bin\icuuc51.dll
2013-09-28 20:xiv - 2013-09-28 xx:xiv - 22378434 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\icudt51.dll
2013-09-28 20:xiv - 2013-09-28 20:14 - 01233408 _____ () C:\Programme Files (x86)\NETGEAR Genie\bin\platforms\qwindows.dll
2013-12-06 03:04 - 2013-12-06 03:04 - 00465920 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
2013-12-05 06:36 - 2013-12-05 06:36 - 01547776 _____ () C:\Programme Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll
2013-xi-10 20:59 - 2013-11-10 20:59 - 00192512 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2013-12-05 06:37 - 2013-12-05 06:37 - 00631808 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2013-12-06 00:55 - 2013-12-06 00:55 - 04956160 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
2013-11-13 04:05 - 2013-11-thirteen 04:05 - 00427520 _____ () C:\Programme Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2013-11-10 20:58 - 2013-eleven-10 xx:58 - 00144896 _____ () C:\Plan Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
2013-eleven-10 21:09 - 2013-eleven-x 21:09 - 01174528 _____ () C:\Plan Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2013-12-05 06:31 - 2013-12-05 06:31 - 08558592 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2013-12-05 06:34 - 2013-12-05 06:34 - 01270272 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2013-11-10 20:59 - 2013-11-x xx:59 - 00068608 _____ () C:\Plan Files (x86)\NETGEAR Genie\bin\QRCode.dll
2013-12-06 02:57 - 2013-12-06 02:57 - 00199680 _____ () C:\Programme Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2013-12-05 06:43 - 2013-12-05 06:43 - 00884736 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2013-eleven-10 21:21 - 2013-11-10 21:21 - 00427520 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2013-09-28 20:13 - 2013-09-28 20:thirteen - 00051200 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif.dll
2013-09-28 20:13 - 2013-09-28 20:13 - 00052224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico.dll
2013-09-28 20:13 - 2013-09-28 20:thirteen - 00261120 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg.dll
2013-09-28 twenty:13 - 2013-09-28 20:13 - 00046080 _____ () C:\Plan Files (x86)\NETGEAR Genie\bin\imageformats\qsvg.dll
2013-eleven-x twenty:58 - 2013-11-10 20:58 - 00078848 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
2013-11-10 20:56 - 2013-11-10 twenty:56 - 00140288 _____ () C:\Programme Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
2013-eleven-10 xx:56 - 2013-11-ten 20:56 - 00072192 _____ () C:\Plan Files (x86)\NETGEAR Genie\bin\SVTUtils.dll
2013-11-x 20:56 - 2013-eleven-x xx:56 - 00074752 _____ () C:\Programme Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
2013-11-ten 20:56 - 2013-11-10 xx:56 - 00136704 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll
2013-12-05 06:43 - 2013-12-05 06:43 - 00641536 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll
2013-11-10 21:24 - 2013-eleven-10 21:24 - 00458752 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2013-xi-x 21:23 - 2013-11-10 21:23 - 00046080 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
2013-xi-10 twenty:56 - 2013-11-x 20:56 - 00066560 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll
2013-09-28 20:xiii - 2013-09-28 20:13 - 00040960 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll
2014-12-20 10:57 - 2014-12-20 10:57 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-02-13 19:55 - 2013-02-thirteen 19:55 - 00755712 _____ () C:\WINDOWS\associates\GAC_32\Organisation.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll
2013-02-13 nineteen:55 - 2013-02-13 19:55 - 00471040 _____ () C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2013-02-13 14:10 - 2013-02-13 xiv:10 - 00854016 _____ () C:\WINDOWS\associates\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\Organisation.Data.SQLite.dll
2013-02-13 14:ten - 2013-02-13 fourteen:x - 00471040 _____ () C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2012-11-29 16:59 - 2012-xi-29 16:59 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Customer\fzshellext.dll
2014-12-12 23:fourteen - 2014-12-05 20:l - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 23:14 - 2014-12-05 20:50 - 00211272 _____ () C:\Programme Files (x86)\Google\Chrome\Awarding\39.0.2171.95\libegl.dll
2014-12-12 23:xiv - 2014-12-05 20:fifty - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 23:14 - 2014-12-05 20:50 - 01677128 _____ () C:\Plan Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-12 23:xiv - 2014-12-05 twenty:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Information Streams volition be removed.)

AlternateDataStreams: C:\Users\NorMac\AppData\Roaming\Tab Separated Values (Windows).EML:OECustomProperty

==================== Rubber Manner (whitelisted) ===================

(If an item is included in the fixlist, information technology will be removed from the registry. The "AlternateShell" volition exist restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MZA => ""="service"

==================== EXE Clan (whitelisted) =============

(If an entry is included in the fixlist, the default volition be restored. None default entries will be removed.)

==================== MSCONFIG/Task MANAGER disabled items =========

(Currently there is no automated ready for this section.)

HKLM\...\StartupApproved\StartupFolder: => "WDDMStatus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Update Agent.lnk"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "TkBellExe"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Intuit SyncManager"
HKLM\...\StartupApproved\Run32: => "LTCM Customer"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-ane-5-21-485173556-832918840-2370493585-1000\...\StartupApproved\StartupFolder: => "eFax 4.iv.lnk"
HKU\South-1-5-21-485173556-832918840-2370493585-1000\...\StartupApproved\StartupFolder: => "HMA Pro VPN 2.0.lnk"
HKU\South-1-5-21-485173556-832918840-2370493585-1000\...\StartupApproved\Run: => "HP Officejet Pro 8600 (Internet)"
HKU\South-1-5-21-485173556-832918840-2370493585-1000\...\StartupApproved\Run: => "eFax 4.4"
HKU\S-1-5-21-485173556-832918840-2370493585-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-485173556-832918840-2370493585-k\...\StartupApproved\Run: => "EssentialPIM"

========================= Accounts: ==========================

Administrator (S-1-5-21-485173556-832918840-2370493585-500 - Administrator - Disabled)
Invitee (S-i-five-21-485173556-832918840-2370493585-501 - Express - Disabled)
HomeGroupUser$ (S-1-5-21-485173556-832918840-2370493585-1002 - Limited - Enabled)
NorMac (S-1-5-21-485173556-832918840-2370493585-1000 - Administrator - Enabled) => C:\Users\NorMac

==================== Faulty Device Director Devices =============

Proper noun: Microsoft PS/ii Mouse
Clarification: Microsoft PS/two Mouse
Grade Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does non take all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they accept been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Officejet J6400 series
Description: Officejet J6400 serial
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Trouble: : This device is disabled. (Code 22)
Resolution: In Device Managing director, click "Action", and and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Proper name:
Description:
Grade Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Clarification:
Form Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are non installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update magician.

Name: Officejet J6400 series
Description: Officejet J6400 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Activeness", and so click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/04/2015 09:xiii:45 AM) (Source: Awarding Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 10.0.9200.17183, time stamp: 0x50ecdcd3
Faulting module name: ntdll.dll, version: 6.two.9200.16420, time stamp: 0x505aaa82
Exception code: 0xc0000005
Fault offset: 0x00061233
Faulting procedure id: 0x2ec4
Faulting application showtime time: 0xiexplore.exe0
Faulting awarding path: iexplore.exe1
Faulting module path: iexplore.exe2
Study Id: iexplore.exe3
Faulting bundle full name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5

Error: (01/04/2015 09:02:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Clarification: Faulting awarding name: iexplore.exe, version: ten.0.9200.17183, time stamp: 0x5010a55f
Faulting module proper name: ntdll.dll, version: half-dozen.2.9200.16420, time stamp: 0x505aaa82
Exception code: 0xc0000005
Fault kickoff: 0x00061206
Faulting process id: 0x3928
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting packet-relative application ID: iexplore.exe5

Mistake: (01/04/2015 08:56:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Clarification: Faulting awarding name: iexplore.exe, version: 10.0.9200.17183, time stamp: 0x5010a55f
Faulting module name: ntdll.dll, version: half-dozen.two.9200.16420, fourth dimension stamp: 0x505aaa82
Exception code: 0xc0000005
Fault offset: 0x00061206
Faulting process id: 0x3594
Faulting awarding kickoff time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package total name: iexplore.exe4
Faulting parcel-relative awarding ID: iexplore.exe5

Error: (01/04/2015 08:47:35 AM) (Source: Awarding Error) (EventID: one thousand) (User: )
Description: Faulting application name: iexplore.exe, version: x.0.9200.17183, fourth dimension stamp: 0x505a96c3
Faulting module name: ntdll.dll, version: half-dozen.two.9200.16420, time stamp: 0x505aaa82
Exception code: 0xc0000005
Fault offset: 0x00061206
Faulting process id: 0x654
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package full proper noun: iexplore.exe4
Faulting package-relative awarding ID: iexplore.exe5

Fault: (01/04/2015 08:45:39 AM) (Source: Application Fault) (EventID: 1000) (User: )
Description: Faulting application proper noun: iexplore.exe, version: 10.0.9200.17183, time stamp: 0x5010888a
Faulting module proper noun: ntdll.dll, version: half dozen.2.9200.16420, time stamp: 0x505aaa82
Exception code: 0xc0000005
Error beginning: 0x0005811c
Faulting process id: 0x3238
Faulting application first time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Written report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting bundle-relative awarding ID: iexplore.exe5

Error: (01/04/2015 08:twoscore:twenty AM) (Source: Application Error) (EventID: 1000) (User: )
Clarification: Faulting awarding proper noun: iexplore.exe, version: 10.0.9200.17183, time stamp: 0x5010888a
Faulting module name: ntdll.dll, version: 6.ii.9200.16420, fourth dimension postage: 0x505aaa82
Exception lawmaking: 0xc0000005
Error offset: 0x00061206
Faulting process id: 0x261c
Faulting application get-go time: 0xiexplore.exe0
Faulting awarding path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting parcel-relative application ID: iexplore.exe5

Fault: (01/04/2015 08:39:22 AM) (Source: Awarding Fault) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: ten.0.9200.17183, time stamp: 0x5010888a
Faulting module name: ntdll.dll, version: half-dozen.ii.9200.16420, time stamp: 0x505aaa82
Exception code: 0xc0000005
Fault offset: 0x00061206
Faulting process id: 0x380c
Faulting application start fourth dimension: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Written report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5

Error: (01/04/2015 08:38:forty AM) (Source: Awarding Error) (EventID: g) (User: )
Description: Faulting application proper noun: iexplore.exe, version: 10.0.9200.17183, time stamp: 0x50109188
Faulting module name: ntdll.dll, version: 6.2.9200.16420, time postage: 0x505aaa82
Exception code: 0xc0000005
Error offset: 0x00061206
Faulting process id: 0x3788
Faulting awarding start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting bundle total name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5

Error: (01/04/2015 08:30:08 AM) (Source: Awarding Error) (EventID: chiliad) (User: )
Clarification: Faulting awarding name: iexplore.exe, version: 10.0.9200.17183, time stamp: 0x50109de9
Faulting module name: ntdll.dll, version: half-dozen.2.9200.16420, fourth dimension postage: 0x505aaa82
Exception code: 0xc0000005
Fault offset: 0x00061206
Faulting process id: 0x40
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5

Error: (01/04/2015 08:29:fifteen AM) (Source: Application Error) (EventID: chiliad) (User: )
Description: Faulting application name: iexplore.exe, version: 10.0.9200.17183, time stamp: 0x5010a64a
Faulting module name: ntdll.dll, version: half-dozen.ii.9200.16420, time stamp: 0x505aaa82
Exception code: 0xc0000005
Fault starting time: 0x00061206
Faulting procedure id: 0x2970
Faulting application showtime time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Study Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5

System errors:
=============
Fault: (01/03/2015 11:34:16 PM) (Source: DCOM) (EventID: 10010) (User: LEVIATHON)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Fault: (01/03/2015 11:11:03 PM) (Source: DCOM) (EventID: 10010) (User: LEVIATHON)
Clarification: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Mistake: (01/03/2015 11:04:52 PM) (Source: DCOM) (EventID: 10010) (User: LEVIATHON)
Clarification: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/03/2015 11:04:20 PM) (Source: DCOM) (EventID: 10010) (User: LEVIATHON)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/03/2015 11:03:48 PM) (Source: DCOM) (EventID: 10010) (User: LEVIATHON)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/03/2015 11:03:13 PM) (Source: DCOM) (EventID: 10010) (User: LEVIATHON)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/03/2015 xi:02:xl PM) (Source: DCOM) (EventID: 10010) (User: LEVIATHON)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/03/2015 11:02:07 PM) (Source: DCOM) (EventID: 10010) (User: LEVIATHON)
Clarification: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Mistake: (01/03/2015 11:01:34 PM) (Source: DCOM) (EventID: 10010) (User: LEVIATHON)
Clarification: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/03/2015 xi:01:02 PM) (Source: DCOM) (EventID: 10010) (User: LEVIATHON)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Microsoft Office Sessions:
=========================
Error: (12/31/2014 10:13:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Proper name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Function Version: 12.0.4518.1014. This session lasted 9915 seconds with 540 seconds of active fourth dimension. This session concluded with a crash.

Error: (12/19/2014 00:19:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: half-dozen, Application Name: Microsoft Part Outlook, Awarding Version: 12.0.4518.1014, Microsoft Function Version: 12.0.4518.1014. This session lasted 68031 seconds with 2220 seconds of active time. This session ended with a crash.

Error: (11/xi/2014 00:17:42 AM) (Source: Microsoft Part 12 Sessions) (EventID: 7001) (User: )
Clarification: ID: vi, Awarding Name: Microsoft Office Outlook, Awarding Version: 12.0.4518.1014, Microsoft Role Version: 12.0.4518.1014. This session lasted 766754 seconds with 9660 seconds of active fourth dimension. This session ended with a crash.

Error: (ten/30/2014 08:57:42 AM) (Source: Microsoft Role 12 Sessions) (EventID: 7001) (User: )
Clarification: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Function Version: 12.0.4518.1014. This session lasted 232690 seconds with 11580 seconds of active time. This session ended with a crash.

Error: (08/06/2014 09:xx:19 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Part Version: 12.0.4518.1014. This session lasted 43925 seconds with 1920 seconds of agile time. This session concluded with a crash.

Mistake: (07/31/2014 01:50:22 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Proper name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Part Version: 12.0.4518.1014. This session lasted 1115 seconds with 420 seconds of active time. This session ended with a crash.

Error: (07/25/2014 01:35:22 PM) (Source: Microsoft Function 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Part Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 277794 seconds with 7680 seconds of active time. This session ended with a crash.

Error: (07/22/2014 08:25:18 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 87246 seconds with 660 seconds of agile time. This session concluded with a crash.

Error: (07/16/2014 10:16:04 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Proper name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 27085 seconds with 1980 seconds of active fourth dimension. This session ended with a crash.

Error: (07/sixteen/2014 02:05:38 PM) (Source: Microsoft Role 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Awarding Proper name: Microsoft Function Outlook, Awarding Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 529236 seconds with 21420 seconds of agile time. This session ended with a crash.

CodeIntegrity Errors:
===================================
Date: 2014-x-30 10:34:04.886
Clarification: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys considering file hash could not exist found on the system. A recent hardware or software modify might have installed a file that is signed incorrectly or damaged, or that might exist malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Percentage of memory in use: 71%
Full concrete RAM: 6071.eleven MB
Bachelor physical RAM: 1744.52 MB
Total Pagefile: 9527.11 MB
Available Pagefile: 3781.24 MB
Full Virtual: 8192 MB
Bachelor Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:917.74 GB) (Costless:v.05 GB) NTFS
Drive f: (PHONE) (Removable) (Total:0.02 GB) (Free:0.02 GB) Fatty

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Deejay ID: 7EDF2454)
Partition ane: (Not Active) - (Size=13.7 GB) - (Type=27)
Partition 2: (Agile) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=917.7 GB) - (Type=07 NTFS)
Could not read MBR for disk three.

==================== End Of Log ============================

Hpw to Read Farbar Recovery Scan Tool

Source: https://malwaretips.com/threads/need-fixlist-txt-for-farbar-recovery-scan-tool.19933/

Share this post